Mobile Fraud Highlights Roaming Risk.
News of the British couple who had their mobile phone stolen on holiday and subsequently faced a phone bill for 8,000 pounds ($14,630) after the phone was used fraudulently, highlights the risk to both mobile phone users and operators associated with mobile roaming.
But more could be done to avert the risk posed by phone fraudsters, ComputerWire has learned.
London's Metro newspaper reported yesterday the story of a couple who were holidaying in Mozambique when their mobile phone, on the T-Mobile network, was stolen. The couple were on a fishing trip and were unaware that their phone had been stolen, and over the next seven days it was used to make hundreds of fraudulent calls to Senegal, Pakistan and the Middle East.
The couple said they were "astonished" that T-Mobile did not spot the fraud earlier, since their bills usually only came to 20 or 30 pounds ($40 or $50).
T-Mobile did spot the fraud and blocked the line, even before it was reported stolen, but only after seven days' worth of international calls had been made from the number. While T-Mobile initially insisted that the bill should be paid by the unfortunate couple, yesterday lunchtime in the face of growing publicity the company announced that it would waive the bill.
The case throws up a number of important issues in the mobile space. While most if not all mobile operators employ fraud detection software to try to prevent this kind of fraudulent use of a phone when it is lost or stolen, it is not foolproof, nor can it detect a fraud instantaneously.
Fraud detection software trawls through call records looking for anomalies or unusual behavior patterns that might be the result of a fraud. The software "learns" from users' usage patterns and compares this with the latest data collated. Various rules and thresholds can be set to determine the norm, and hence what is unusual.
But for the software to work, it needs to analyze the latest call detail records (CDRs) to establish unusual behavior. When a mobile user is roaming outside of their own country these CDRs are not generated by their home operator but by partner operators. It can take several days for these records to be passed back to the home operator, during which time many thousands of pounds can be defrauded.
T-Mobile spokesperson Patrick Barrow told ComputerWire: "These calls were not made on our network, but on a partner network. It's very hard to detect something when the activity is not actually on our network."
But there is something operators can do to protect themselves and their customers. It is called Near Real Time Roaming Data Exchange (NRTDE) and it has been developed by a little-known German company called OpTel Informatik GmbH. According to the company, instead of passing data slowly via the usual billing routes from one partner back to the home operator, NRTDE offers direct transfer via a centralized data exchange platform, using Internet Protocol.
It supports the common CDR standards, and because it can use Internet Protocol to transmit the data, it should be relatively inexpensive, according to the company. Because the information is passed in near real-time to a central exchange, fraud detection is much faster and risks are reduced.
T-Mobile's Barrow could not comment on the technology, but according to OpTel Informatik, the system was actually developed with engineers from none other than T-Mobile. One drawback is that it relies on not only T-Mobile but also on T-Mobile's roaming partners to adopt the system for it to work effectively.
Another issue is that while the fraudulent use of a phone to make a call may cost either the owner of the phone or the operator several dollars per minute, with the move towards the use of mobile phones to handle more complex and higher value transactions, the potential damage wreaked by fraud could escalate.
Andrew Rodaway, a spokesperson for billing system and telecom fraud detection software vendor Intec Telecom Systems said: "It is one thing if you are talking about a relatively cheap phone call, it becomes another if you are talking about $10 movie download. Then imagine thousands of downloads in a day. If anything this is likely to become a bigger problem."
Rodaway said that while T-Mobile's International mobile subsidiary is a customer of Intec Telecom Systems' software, it does not use its fraud detection software.
Meanwhile, until systems like OpTel Informatik's become widely adopted, the risk of fraudulent use of "roaming" mobile phones will be ever-present. Rodaway's advice is: "It is worth people considering using their phones abroad to check the terms of their agreements in the event they become the victim of fraud, and consider insurance against it if it is available."
|Printer friendly Cite/link Email Feedback|
|Date:||Jan 9, 2004|
|Previous Article:||IBM Sees Possible SEC Suit Over Retail Accounts.|
|Next Article:||Equant Targets Services and North America.|